\begin{abstract}
Modern medical information systems collect large amounts of diverse
patient data in order to facilitate a higher level patient care. Although
desirable, this functionality has a tremendous potential for abuse,
where patient information can be shared, disclosed and used for other
(secondary) purposes. In most cases, patient consent is solicited
and institutional policies are put in place to limit the privacy and
security risks. However, in practice these measures have proven to
be inadequate, resulting in violation of patient consent even for
non-life threatening scenarios. We propose a framework to capture
privacy \& security policies and to protect exchange of sensitive
medical patient information. Our framework is comprised of distributed
multiagent environments reflecting healthcare institutions and personnel.
We utilize semantic techniques for data representation and reasoning.
Furthermore, we do not require pre-established trust relationships
to be present for exchanging private sensitive information between
multiple parties. In our proposed framework, all decisions to share
information, are backed up by semantic proof of authorization that
can be verified by an independent third party.

{\bf TODO: revise}
\end{abstract}

